Wise Health in Texas reported a data breach to HHS as impacting 35,899 patients.
Attackers launched a phishing attack against the organization, and several employees fell for the phish and provided their login credentials.
Once these usernames and passwords were obtained, the intruders used them to access the Employee Kiosk in an attempt to divert payroll direct deposits.
The affected email boxes may have exposed patient information such as medical record number, diagnostic and treatment information, and potentially insurance information.
TPRM report: https://scoringcyber.rankiteo.com/company/wise-regional-health-system
{
  "id": "wis15527323",
  "linkid": "wise-regional-health-system",
  "type": "Breach",
  "date": "03/2019",
  "severity": "60",
  "impact": "3",
  "explanation": "Attack with significant impact with internal employee data leaks"
}
{'affected_entities': [{'customers_affected': 35899,
                        'industry': 'Healthcare',
                        'location': 'Texas',
                        'name': 'Wise Health',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Phishing',
 'data_breach': {'number_of_records_exposed': 35899,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['medical record number',
                                              'diagnostic and treatment '
                                              'information',
                                              'insurance information']},
 'description': 'Wise Health in Texas reported a data breach incident to HHS '
                'as impacting 35,899 patients. Attackers launched a phishing '
                'attack against their system after that several employees fell '
                'for the phish and provided their login credentials. Once '
                'these usernames and passwords were obtained, the intruders '
                'used the information to access the Employee Kiosk in an '
                'attempt to divert payroll direct deposits. Email boxes may '
                'have compromised the patient information such as medical '
                'record number, diagnostic and treatment information, and '
                'potentially insurance information.',
 'impact': {'data_compromised': ['medical record number',
                                 'diagnostic and treatment information',
                                 'insurance information'],
            'systems_affected': ['Employee Kiosk', 'Email boxes']},
 'initial_access_broker': {'entry_point': 'Phishing email'},
 'motivation': 'Financial gain',
 'post_incident_analysis': {'root_causes': 'Employees falling for phishing '
                                           'emails'},
 'regulatory_compliance': {'regulatory_notifications': 'HHS'},
 'title': 'Wise Health Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Human factor - employees providing login '
                            'credentials'}